Insights

Critical Path Security is thrilled to share that our partner, Léargas Security is proud to announce the 5th commercial version of their converged security platform! Léargas World Container represents a monumental overhaul of our platform focusing on end user experience while continuing to add and enhance the foundations that drive functionality. Details: New User Interface: Our slick new interface makes navigating Léargas a dream! The central dashboard makes clear what needs to be reviewed and provides quick access to the detailed alerts needed to identify and respond to malicious activity. Role Based Security: Our new security model enables platform administrators to grant users access to as much or as little data as they need to get the job done! Virtual Appliances: While we were already proud of our fast appliance deployment times we decided to shoot for the moon with a custom OVA that can be downloaded and deployed to…

11Alive/NBC News reports that the Department of Public Safety computer systems are still offline with no timeline as to when they'll be back up. But it's not the first agency to run into issues with malware in recent weeks. Patrick Kelley goes on record stating: "Officers that are responding are trained very well and are competent to do their duties even when they are hampered, but I can't trivialize the impact that those officers responding and not having immediate access to the information that they need," explained Patrick Kelley.

"A vulnerability in the Mac Zoom Client allows any malicious website to enable your camera without your permission. The flaw potentially exposes up to 750,000 companies around the world that use Zoom to conduct day-to-day business." We highly recommend that Critical Path Security customers work with their Account Manager or IT Provider to implement a solution to protect the organization, as soon as possible! Read more

Critical Path Security researcher Patrick Kelley told BleepingComputer that he was able to quickly find the credentials bad actors would need to infiltrate both the City of Griffin and P.F. Moon's systems with the help of several OSINT tools and techniques such as Shodan, RiskIQ's PassiveTotal, data dumps, and pastes. "I work heavily with small governments. Very similar issues across all municipalities. Small budgets. High expectations. I was VERY happy that the City of Griffin was doing Security Awareness Training. It's quite rare," added Kelley. "The biggest thing we've been pushing that works are phone, text, some sort of additional factor to authorize a payment change." Read more